It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
If this question can be reworded to fit the rules in the help center, please edit the question.

2

What do you mean "inside the virtual machine"? Unless VMWare uses its own password-based authentication for some purposes, the hypervisor has neither control nor responsibility for passwords used on the guest systems. Please clarify your question.
–
IsziMar 15 '12 at 23:22

Does VMware have its own password-based authentication at all? If so, how does it protect those passwords when running its own virtual machine residing on its host computer?
–
Kevin BrehmerMar 18 '12 at 6:29

1 Answer
1

It can't. The operating system hashes passwords and stores them somewhere on the disk image. Most operating systems use very weak password hashing schemes. Most notably the Microsoft world uses NTML or LM hashing scheme which can be broken with freely available rainbow tables.

On a side note, I have cracked a fair amount of XP passwords by brute forcing, and just entering the LM/NTML hashes on a site such as this md5decrypter.co.uk/ntlm-decrypt.aspx . As for the question, VMWare doesn't take any extra precautions, that is the operating systems job.
–
ekajMar 16 '12 at 3:02